Wind River Support Network

Description

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html Network encryption (native network encryption and SSL/TLS) and strong authentication services (Kerberos, PKI, and RADIUS) are no longer part of Oracle Advanced Security and are available in all licensed editions of all supported releases of the Oracle database. To remediate this security vulnerability, customers should configure network encryption in their clients and servers to protect sensitive data sent over untrusted networks. Refer to http://docs.oracle.com/cd/E11882_01/license.112/e47877/options.htm#CIHFDJDG - Oracle Advanced Security section of Oracle Database Licensing Information 11g Release 2 (11.2) for details of this licensing change.

Find out more about CVE-2013-3826 from the MITRE-CVE dictionary and NIST NVD

---

Products Affected

Login may be required to access defects or downloads.

Related Products

Notes
Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.